trusteer community day at think - march 18 2018 - final · • delivering an exceptional and secure...
TRANSCRIPT
![Page 1: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/1.jpg)
IBM TrusteerADVANCED FRAUD PROTECTION USER GROUP
March 18, 2018
![Page 2: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/2.jpg)
Welcome!
![Page 3: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/3.jpg)
3 IBM Security
Agenda
Time Duration (min.)
Topic Speaker
10:15 15 Welcome and Introductions Jason Keenaghan
10:30 20 Trusteer Client Case Studies Shira Shacham
10:50 90 Roundtable: Emerging Challenges in Fraud• Recent Fraud Trends and Threat Landscape• Delivering an Exceptional and Secure User
Experience• Building a Risk Ecosystem• Open Banking and Protecting the API Channel
Nir Stern
12:20 10 Closing and Next Steps Jason Keenaghan
12:30 *** End of Session ***
![Page 4: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/4.jpg)
4 IBM Security
Get to know the IBM Trusteer team in attendance
IBM CONFIDENTIAL
OFFERINGMANAGEMENT
ENGINEERING& SECURITY
CLIENTTEAM
PRODUCTMARKETING
JasonKeenaghan
GalFrishman
NickWetton
EileenTurner
NirStern
DoronBen-Ari
NicolasMeyerhoffer
ValerieBradford
SaritKozokin
ShiraShacham
KateReed
ShakedVax
RobRendell
AyeletAvni
FrankMendicino
MaximShifrin
MeirAsiskovich
![Page 5: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/5.jpg)
5 IBM Security
LEADin strategic domains
IBM Security Strategy
SUPPORTthe CISO agenda Cloud Mobile and
Internet of ThingsComplianceMandates
SkillsShortage
AdvancedThreats
Cloud CollaborationCognitive
ACCELERATEwith key innovation
![Page 6: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/6.jpg)
6 IBM Security
IBM Security Immune System
QRadar Incident ForensicsQRadar Network InsightsManaged Network SecuritySecure SD-WAN
X-Force Exchange | Malware AnalysisX-Force IRIS
Guardium | Multi-cloud Encryption | Key ManagerCritical Data Protection Services
Identity Governance and AccessCloud IdentityzSecureIdentity Management Services
MaaS360Mobile Device Management
TrusteerFinancial Malware and Threat Research
AppScanApplication Security on CloudX-Force RedSDLC Consulting
QRadar | Watson | Resilient | i2Security Operations Consulting
X-Force Command CentersX-Force IRIS
BigFixManagedDetection & Response
App ExchangeHybrid Cloud Security Services
ProductsServices
![Page 7: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/7.jpg)
7 IBM Security
IBM Trusteer: The digital trust platform fueled by machine learning and AI
Servicing over 500 of leading organizations worldwide. Processing over 40 billion application accesses and over 1 billion user sessions every month.
Trusteer Pinpoint Platform
Trusteer Intelligence Cloud
Mobile SDK
Real-time Activity Risk Assessment (e.g. login, payment)
New Account Fraud
Detect(Malware / ATO)
Global Fraud DB
Rapport
IBM Safer Payments
(Omni-channel fraud protetion)
![Page 8: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/8.jpg)
Trusteer Client Case Studies
![Page 9: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/9.jpg)
9 IBM Security
Who we are?
![Page 10: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/10.jpg)
10 IBM Security
Customers Case Studies - LATAM Bank
• A large bank in LATAM, a subsidiary of aglobal bank.
• Has Rapport (incl. phishing),Pinpoint and Mobile SDK
• PPCD for the business segment wasdeployed at the end of 2017, where theconfirmed fraud attempts number grew froma few each month to 68 in January2018.
• During 2017, they took down almost
3000 fake bankwebpages.
254
137
63
182
227248
147
322
502
410
284
334
523
3 2 3 1 1 1 3 2 10 4 7 268
Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18
![Page 11: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/11.jpg)
11 IBM Security
T1 Bank in NA• PPD covers the Bank’s commercial application.
• During our 3 years there, we were able to help the bank against Dyre, Trickbotand most recently targeted spear phishing attacks.
• We are working with the bank on adjustments to our policies based on specific transaction types and the risk per each transaction type.
• Past 6 months data-
detection rates of 90% alert rate of 0.03%
Customers Case Studies
![Page 12: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/12.jpg)
12 IBM Security
UK T1 bank• PPD platform deployed in 8 applications, on Retail, Commercial and Business
• In 2017 - Fraud trends have shifted to commercial and business mostly
• Main attack vectors are Malware redirection, RAT and sophisticated social engineering schemes.
• PPD stopped all losses from redirection attacks- Trickbot, Gozi and Dridex.
• Detection rates are ~ 65%, with alert rates below 0.05%. Most missed frauds are due to the legitimate user being manipulated to perform the
transaction. Transactional data is not shared with PPD today.
• Recently behavioral biometrics features were enabled and have further reduced alert rates (in around 40%)
Customers Case Studies
![Page 13: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/13.jpg)
13 IBM Security
T1 Bank in France• PPD Platform protects several applications on the retail and commercial side including
Mobile protection and policy manager.
• Before implementing PPD Platform, the bank reported ~ 200 weekly fraud cases.
• Along side PPD the bank made some policy changes in their internal control, based on PPD risk assessment and was able to reduce loss significantly.
• PPD Platform detection rate is ~95% with alert rate as low as 0.01%
• Fraud attempts are now are as low as ~30 fraud cases per week. Main attack vector is Phishing
Customers Case Studies
![Page 14: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/14.jpg)
Roundtable: Emerging Challenges in Fraud
![Page 15: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/15.jpg)
Think 2018 / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 15
Open Discussion
1. Recent Fraud Trends and Threat landscape
2. Providing exceptional user-experience securely
3. Building a Risk Eco-System
4. Open Banking
![Page 16: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/16.jpg)
Think 2018 / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 16
Recent Fraud Trends and Threat landscape
![Page 17: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/17.jpg)
Global Trends in the Market
17Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
• Fraud is shifting:
• From mass attacks based on complex technology (i.e. malwares)
• To targeted attacks, very focused, and using combination of technology (Malwares, RATs) & social engineering.
• We also see shift from retail to business, to increase profitability
• For business applications – fraud is still a big issue in many cases
• For retail – experience is the key.
• Focus on behavioral analysis and behavioral biometrics
• Focus on smooth user experience and friendly authentication methods
• Mobile becomes the dominant channel
• Customers shift to mobile
• So does the fraudsters (many times in combination with web)
• While security is an agile space, mobile Apps by nature adopt very slowly
![Page 18: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/18.jpg)
Example use-case
Malware installed
Steals credentials
Overlay attack
Attempts account takeover
![Page 19: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/19.jpg)
Multi-Channel fraud journey
IBM Confidential - Shared Under NDA
![Page 20: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/20.jpg)
Social Engineering Use-Cases Examples
IBM Confidential - Shared Under NDA
• Use Case #1: Fraudster calls customer claiming to be from Mobile Provider and claims
that there is a virus on the device. Informs customer that they can clean device for a small sum and also
requests RAT. Customer accepts RAT request, starts to complete the small payment. Fraudster takes over device, amending the payment sum.
• Use Case #2: Pure social engineering. The customer is convinced by the Fraudsters ruse and completes the whole
payment journey themselves.
• Use Case #3: Smishing driven MO. Customer receives a text which looks legitimate informing them they have
made a payment, and to call the number to report fraud. The customer does so and is told their account is compromised and the
fraudster then either convinces them to move the money, or follows a similar script to use case 1.
Mobile/WEB Features
ATO Detection
RAT Detection
Behavior Biometrics
Overlay attack detection
SMS stealing
Emulator Detection
Mobile/WEB Features
ATO Detection
Behavior Biometrics
Mobile/WEB Features
ATO Detection
Smishing Detection
Behavior Biometrics
Phone Number Intelligence
![Page 21: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/21.jpg)
Global Trends in the Market
21Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
• Open banking (PSD2) may be a game changer in various aspects
• Limited visibility to users interaction
• New attacks, new threats, increase in frauds for retail again (?)
• Mixture of banking & ecommerce transactions – great risk potential
• New competition for bank from Fintech start-ups.
• Fraud is expanding to new verticals
• Health, insurance, investment banking, airlines, etc…
• Fraudsters expand to target cryptocurrency platforms…
![Page 22: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/22.jpg)
Major Attack Vectors on Crypto Currency
22Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
• Fraudster goal: monetary gain through
• Direct theft: wallet grabbing, asset theft, credential hijacking, transaction alteration
• Attacks on Exchanges, CC Burses and platforms
• Coin-wide attacks
• World wide prevalence
• Major players:
• Dridex - steals cryptocurrency wallets.
• Trickbot –
• Recent Blog by IBM X-Force, on TrickBot’s expansion to attack CryptoCurrecny platform to perform payee alteration
• Recently added coinbase.com
• The malware monitors the victim’s browsing habits and injects a fake login page whenever the user visits coinbase.com.
• HawkEye - Added Bitcoin wallet stealing to its arsenal.
• Cerber - The actors have resorted to stealing the coins from the wallet before encrypting the system.
• OSX/Miner-D - Steals Bitcoins and mines a system.
![Page 23: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/23.jpg)
Scale of attacksCompany Country Industry Date Type Value
CoinDash Israel Financial Markets
17-Jul-17 Initial Coin Offering
>7M US$
Bithumb Republic of Korea
Financial Markets
29-Jun-17 Direct PC hacking
1M US$
CoinPouch USA Financial Markets
9-Nov-17 Wallet app service breach
~22M US$
Tether Hong Kong Financial Markets
21-Nov-17 Direct wallet hacking
31M US$
NiceHash Slovenia Financial Markets
6-Dec-17 Direct wallet hacking
~70M US$
Youbit Republic of Korea
Financial Markets
19-Dec-17 Direct wallet hacking
~60M US$
![Page 24: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/24.jpg)
Think 2018 / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 24
Providing Exceptional User Experience Securely
![Page 25: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/25.jpg)
Support Business Growth – Expedite Digital Transformation
25Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
Build trust with the user while keeping focus on user experience
Lead a secure digital transformation, while preserving an exceptional customer experience
Business Growth
Expedite Digital Transformation
Build trust with the user while keeping focus on user experience
Digital Identity Analytics
![Page 26: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/26.jpg)
The digital world has created heightened user expectations
26Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
Users want seamless mobile, online and cross-channel access
Convenience brings opportunities for new threats & risks
Threat mitigation can impact customer experience
Which contradicts with security mitigation factors
![Page 27: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/27.jpg)
The digital world has created heightened user expectations
27Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
Device Spoofing
Users want seamless mobile, online and cross-channel access
Ineffective threat mitigation
Phishing Attacks
MitB
Social Engineering
SMS stealers& Overlay
Advanced Threats
![Page 28: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/28.jpg)
Digital Identity Analytics
Account Registration
Existing account Login/Transaction
High Risk or fraud indication
Establish Sustain Recover
![Page 29: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/29.jpg)
Digital transformation is changing the banking game
Digital experience & Open eco-system• Accelerate digital
functionality from any channel
• Seamlessly verify users in onboarding process to help reduce abandonment
• Increase new account creations with potential shorter lifetime of accounts
Evolving Threat Landscape• Rising identity fraud • Shift to open banking/ (API)
new opportunity for fraud • Personal data is readily
available
Compliance & Regulation• Faster Payments• PSD2• FFIEC
![Page 30: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/30.jpg)
New Account Registration – Risk assessment Steps
KYC/AMLIdentity verification Is this person exist?
Identity assuranceAre you who you say you
are?
Identity riskCan we trust you?
CreditCredit score & worthiness
![Page 31: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/31.jpg)
Transparently differentiate true users from fraudsters
• Enabling seamless digital onboarding process in real-time
• Deliver holistic view across digital channels with Pinpoint Detect integration
• Build your own policy with Policy Manager, exposing new account intelligence
• Help reduce risk and fraud losses
• Help reduce abandonment in the account creation process and sales processes
• Reduce the need to use expensive channels such as call center or branches
• Flexibility in tuning the user experience vs. risk
Transparent risk assessment in real-time for new account creation
![Page 32: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/32.jpg)
Open Discussion
32Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
• How do you measure the user satisfaction from your digital channels? • Do your organization measure the security impact on user experience and
satisfaction?• Are there any clear goals / objectives on that to the fraud / security teams?
• What step-up auth. Mechanism are used today? • What percentage of activities are being 2FA?• Do you have goals to reduce these?• How do you measure their effectiveness?
• Digital registration process –• Which products are available digitally?• What are the processes to support them?• what are the challenges?
![Page 33: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/33.jpg)
Think 2018 / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 33
Building a Risk Eco-System
![Page 34: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/34.jpg)
Building a Risk Eco-System
34Think 2018 / Mar 19, 2018 / © 2018 IBM Corporation
ANALYZERisk Indicators from multiple
sources – business & technical
UNDERSTANDKnown & unknown users,
browsers, devices
EVALUATEBehavioral patterns and
identify anomalies
SECUREMulti-channel access from
web, mobile, API, more
App Exchange
GATHERThreat intelligence & adapt
protections continuously
Consume:
3rd Party Identity & Device
Intelligence
Provide:
Dynamic Trust Scoring and
Authentication
Secure End-to-End Digital Customer Journey
Banking Insurance Communications Travel Retail
Expand Value through additional dataStreamline time-to-value
![Page 35: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/35.jpg)
Trusteer Intelligence Eco-SystemIntelligence sources Marketplace
Enrich Trusteer offering value through streamlined capabilities of threats research, risks, data-elements to its Policy Manager.
This model shall expand to multiple vendors quicker
Use Case:
– Client buys 3rd party data sources directly,
– Trusteer streamlines integration into Pinpoint Detect Policy manager
– Client writes rules to use data sources
Prepackaged Intelligence and logic
• Provide packages of use-case specific crime-logic based on external data sources that enhances detection
• Use Case: Clients add 3rd party data source to Trusteer
contract (i.e. buy-through IBM) Trusteer Pinpoint team expand detection
policies using new intelligence source Client can customize polices in Policy
Manager*
* Not all 3rd party raw data elements will be available in Policy manager
![Page 36: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/36.jpg)
Think 2018 / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 36
PSD2 & Open Banking
![Page 37: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/37.jpg)
PSD2 – Customer point of view
37
Today PSD2
Bank A
Kate(Customer)
Bank B Credit CardProvider
Third Party Aggregation
Bank A Bank B Credit CardProvider
Kate(Customer)
Kate (Customer) experience:
Kate can access all of her ‘payment’ accounts at once
Kate can view her account information and transactions in one place
Kate is not going to be charged a fee for access
Kate is enjoying faster and smoother buying experience
Kate is assured that her transactions are more secure, but yet frictionless
![Page 38: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/38.jpg)
Open Banking: Two main use cases
• Third Party Provider (TPP)• Account Information Service Providers (AISP)
Kate
Customer ChannelAccount
Data AccessAPI Channel
Payment InitiatorMerchant
2. Payment
2. PaymentBank
Kate
Customer ChannelAccount
Data AccessAPI Channel
Aggregator
Bank
1. Account Information
1. Account Information
PSPPISP
TPPAISP
• Payment Service Providers (PSP)• Payment Initiation Service Provider (PISP)
![Page 39: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/39.jpg)
Both scenarios can be realized with three simple steps
• On-boarding third party provider Integration with API management system Integration with Social Identity providers Strong Authentication
• User account enrolment and consent Risk assessment Consent management Strong Customer Authentication (SCA) for elevated risk
• Application / API Access or Payment Omni-channel fraud protection Multiple enforcement points Strong Customer Authentication (SCA) for elevated risk
1
2
3
![Page 40: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/40.jpg)
40 IBM Security
Bring simple and strong verification to online services
Strike a balance between usability and security with multi-factor authentication
IBM Verify
![Page 41: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/41.jpg)
41 IBM Security
Identify the difference between customers and fraudsters
Adaptive fraud protection using machine learning and advanced analytics
IBM Trusteer
• Cognitive phishing detection and protection
• Automated malicious pattern recognition
• Behavioral biometrics
![Page 42: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/42.jpg)
42 IBM Security
Look Across Payment and Interaction Channels to Build a Complete Picture of a Customer’s Identity & Behavior
Omni-ChannelView InteractionChannelsCashCheck/DepositWire,ACH,Sepa,etcNPP,RTP,UKFP,etcDebitCardCreditCard…ProfileChangeProductChangePeopleChangeInquiry…
IVR
ATM
BranchPaym
entTypes
Non
-Financia
l Online(PC
)Mob
ileApp
CallC
enter
Picture ofCustomerBehavior
The full picture of the customer behavior across all payment
types and interaction channels
IBM Confidential
![Page 43: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/43.jpg)
Closing and Next Steps
![Page 44: Trusteer Community Day at Think - March 18 2018 - FINAL · • Delivering an Exceptional and Secure User Experience • Building a Risk Ecosystem • Open Banking and Protecting the](https://reader035.vdocuments.site/reader035/viewer/2022070909/5f92127dbd78906db6221b97/html5/thumbnails/44.jpg)
44 IBM Security
Continue the engagement this week at IBM Think